Anyone seeking proof beyond the marketing hype that cloud computing has truly arrived, can find a form of validation in the latest Cloud Security Report from security as a service provider Alert Logic.
You may not have seen this research so I’ll do my best to give a quick one sentence summary: There has been a significant increase in attacks on cloud and on-premise infrastructures and some of them (brute force attacks and vulnerability scans) are “occurring at near-equivalent rates” in both.
This represents a significant change from previous years where the rate of those attacks on on-premise infrastructure was significantly higher than for cloud environments. The reason? According to Stephen Coty, chief security evangelist at Alert Logic, “the observed increase in cloud attacks is correlated to the growth of cloud adoption in the enterprise. As more enterprise workloads have moved into cloud and hosted infrastructures, some traditional on-premises threats have followed them”.
So there you go. The more popular cloud becomes and the more widely adopted it is by enterprises, the more likely it is to be targeted by security attacks. According to Alert Logic, the threat to the cloud is growing on two fronts: the total number of attacks is increasing, and attacks that were historically directed at on-premises environments are now moving to the cloud.
Of course, on-premises environments are more frequent targets but attacks directed at cloud environments “have increased significantly and are expected to continue at a rate that matches the accelerated pace of cloud adoption and the continued migration of more valuable workloads to the cloud”.
Now, there’s a level of ho-hum to this in that it’s fairly obvious the cloud will become a more attractive target from security ne’er do wells as its usage increases but the fact it’s already happening provides some evidence, even if it is through a level of negative reinforcement, that cloud is becoming more widely adopted by enterprises.
The channel angle in all this I suppose is to ensure customers get the security right when they choose to migrate workloads and applications to the cloud. Alert Logic is fairly certain that the volume and persistence of attacks will increase and become more sophisticated, noting that “the threat diversity for the cloud has increased to rival that of on-premises environments”.
Alert Logic argues customers need to “understand the different roles and responsibilities that exist between a cloud provider and the company deploying their own (or third-party) applications in the cloud”. Cloud providers deliver core security from their data centres up to specific layers but “responsibility for the application and its underlying host/operating system and network falls to the customer”.
Alert Logic believes it is “an absolute necessity” that customers appreciate the security and compliance requirements for their business and applications, map them to the right cloud provider, source the right products and build the right processes “to manage events, incidents and ongoing security in the cloud”.
Anyone else feel a “hey, that sounds like a job for a channel partner” moment coming on?
Subscribers 0
Fans 0
Followers 0
Followers